﻿#if NETFRAMEWORK
using System;
using System.Security.Cryptography;

namespace OwinSessionMiddleware
{
    /// <summary>
    /// Options class for the <see cref="SessionMiddleware"/> class.
    /// </summary>
    public class SessionMiddlewareOptions
    {
        /// <summary>
        /// The name of the session cookie.
        /// </summary>
        public string CookieName { get; set; } = SessionMiddlewareDefaults.CookieName;

        /// <summary>
        /// The domain of the session cookie.
        /// </summary>
        public string CookieDomain { get; set; } = null;

        /// <summary>
        /// The lifetime of the session cookie. Set to null for a cookie that is bound to the browser session (default).
        /// </summary>
        public TimeSpan? CookieLifetime { get; set; } = null;

        /// <summary>
        /// Secure cookies are only sent by the browser over HTTPS. This setting is enabled by default.
        /// </summary>
        public bool UseSecureCookie { get; set; } = true;

        /// <summary>
        /// The session store.
        /// </summary>
        public ISessionStore Store { get; set; } = new InMemorySessionStore();

        /// <summary>
        /// A <see cref="Func{String}"/> that will be called whenever a new session id needs to be generated.
        /// Default implementation is based on a unique <see cref="Guid"/> combined with a random part generated by <see cref="RNGCryptoServiceProvider"/>.
        /// </summary>
        public Func<string> UniqueSessionIdGenerator { get; set; } = SessionMiddlewareDefaults.UniqueSessionIdGenerator;
    }
}
#endif